Anonymous attacks top European security organization—twice

For the second time in a week, Anonymous has raided the Organization for Security and Cooperation in Europe (OSCE)—the world’s largest intergovernmental security organization—and released 260 megs of documents, many classified or restricted, on its own Par:AnoIA leak site.

The first attack and leak was timed to come out on November 5th, to capitalize on Anonymous’ most important day of the year. The leak includes election-monitoring guidelines and briefing books for the Ukraine, Bosnia and the U.S., and a list of so-called Confidence Building Measures (CBMs) designed to maximize the faith placed in OSCE by potentially volatile countries.

The OSCE refused even to acknowledge that the breach had occurred, and apparently failed to adequately secure itself. When Jeffrey Carr of the Digital Dao security blog asked for a comment on confidence in light of the hack and leak, he was told that no comment would be forthcoming.

The second attack occurred Sunday. It contained an updated list of CBMs, complete to November 11th, as well as other documents relating to security, such as police training manuals and anti-hacking measures.

So much for confidence.

A well-placed source in Anonymous confirmed to the Daily Dot that Anonymous was the source of the leaks, and further that they were motivated by outrage at the OSCE’s approval of the Ukrainian election results despite widespread reports of post-poll fraud. The second attack, it seems, was more of the same, with a large helping “teaching you a lesson in security.” It was made easier by the OSCE’s apparent failure to take effective measures to block the original method of hacking.

In his announcement on Par:AnoIA, the hacker hinted that the OSCE was deliberately failing to provide effective protection or oversight because it had been co-opted by the Russian Mafia.

“Aight, since the Almighty OSCE wants to play dumb: today we present the second dump called AFTERMATH - this leak includes sensitive documents AFTER the breach was made Public, indicating ignorance and incapability to respond to such incidents. Well, OSCE fellas, we recall the situation when you have provided ‘Very Secret and Special Equipment"’to fight hackers in such hopeless country like Ukraine, do you remember that? Well read and appreciate the irony: bitly.com/SFAhqB. You did nothing to combat cyberhaxors in this country, nor anything to stop manipulation of election process...”

Nor, apparently, anything to plug the bleeding wound Anonymous had inflicted almost a week before. A source in Anonymous told the Daily Dot that it’s still open and continues to bleed.